Source |
Hacking Articles |
Identifiant |
367777 |
Date de publication |
2017-05-23 12:07:30 (vue: 2017-05-23 12:07:30) |
Titre |
Exploit Windows PC using EternalBlue SMB Remote Windows Kernel Pool Corruption |
Texte |
This module is a port of the Equation Group ETERNALBLUE exploit, part of the FuzzBunch toolkit released by Shadow Brokers. There is a buffer overflow memmove operation in Srv!SrvOs2FeaToNt. The size is calculated in Srv!SrvOs2FeaListSizeToNt, with mathematical error where a DWORD is subtracted into a WORD. The kernel pool is groomed so that overflow is... Continue reading →
|
Envoyé |
Oui |
Condensat |
appeared articles brokers buffer calculated continue corruption dword equation error eternalblue exploit first fuzzbunch groomed group hacking kernel mathematical memmove module operation overflow part pool port post reading released remote shadow size smb srv srvos2fealistsizetont srvos2featont subtracted toolkit using where windows word |
Tags |
|
Stories |
|
Notes |
|
Move |
|